thinkalexandria / boringauth Goto Github PK

Straightforward password, passphrase, TOTP, and HOTP user authentication

License: Other

Makefile 2.16% C 18.33% Rust 78.12% Python 1.39%

2factor hotp oath 2fa security password-store

boringauth's Introduction

BoringAuth

BoringAuth is a collection of tools for user authentication. BoringAuth is a fork of LibreAuth that chooses to use the actively developed ring crypto crate over the dead rust-crypto crate for its crypto primitives.

Ring compatibility chart.

BoringAuth	Ring
v0.6.4	0.12
v0.7.0	0.13

Features

Password / passphrase authentication
- no character-set limitation
- reasonable lenth limit (security vs. DOS)
- strong, evolutive and retro-compatible password derivation functions
- crypt() compatibility
HOTP - HMAC-based One-time Password Algorithm (OATH - RFC 4226)
- the key can be passed as bytes, an ASCII string, an hexadicimal string or a base32 string
- customizable counter
- customizable hash function (sha1, sha256, sha512)
- customizable output length
- customizable output alphabet
TOTP - Time-based One-time Password Algorithm (OATH - RFC 6238)
- the key can be passed as bytes, an ASCII string, an hexadicimal string or a base32 string
- customizable timestamp
- customizable period
- customizable initial time (T0)
- customizable hash function (sha1, sha256, sha512)
- customizable output length
- customizable output alphabet
- customizable positive and negative period tolerance
YubiKey OTP (Yubico)
- virtual device API
- client API
- server API
U2F - Universal 2nd Factor (FIDO Alliance)
- virtual device API
- client API
- server API

Using within a Rust project

You can find BoringAuth on crates.io and include it in your Cargo.toml:

boringauth = "*"

Using outside Rust

In order to build BoringAuth, you will need both the rust compiler and cargo.

$ git clone https://github.com/ThinkAlexandria/boringauth.git
$ cd boringauth
$ make
$ make install prefix=/usr

Quick examples

Rust

extern crate boringauth;
use boringauth::oath::TOTPBuilder;

let key = "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ".to_string();
let code = TOTPBuilder::new()
    .base32_key(&key)
    .finalize()
    .unwrap()
    .generate();
assert_eq!(code.len(), 6);

C

#include <stdio.h>
#include <boringauth.h>

int main(void) {
  struct boringauth_totp_cfg cfg;
  char   code[7], key[] = "12345678901234567890";

  if (boringauth_totp_init(&cfg) != LIBREAUTH_OTP_SUCCESS) {
    return 1;
  }
  cfg.key = key;
  cfg.key_len = sizeof(key);
  if (boringauth_totp_generate(&cfg, code) != LIBREAUTH_OTP_SUCCESS) {
    return 2;
  }

  printf("%s\n", code);

  return 0;
}

$ cc -o totp totp.c -lboringauth
$ ./totp
848085

Python

from ctypes.util import find_library
from struct import Struct
from ctypes import *

class TOTPcfg(Structure):
    _fields_ = [
        ('key', c_char_p),
        ('key_len', c_size_t),
        ('timestamp', c_longlong),
        ('period', c_uint),
        ('initial_time', c_ulonglong),
        ('output_len', c_size_t),
        ('output_base', c_char_p),
        ('output_base_len', c_size_t),
        ('hash_function', c_int),
    ]

def get_totp():
    key = b'12345678901234567890'
    lib_path = find_library('boringauth') or 'target/release/libboringauth.so'
    lib = cdll.LoadLibrary(lib_path)
    cfg = TOTPcfg()
    if lib.boringauth_totp_init(byref(cfg)) != 0:
        return
    cfg.key_len = len(key)
    cfg.key = c_char_p(key)
    code = create_string_buffer(b'\000' * cfg.output_len)
    if lib.boringauth_totp_generate(byref(cfg), code) != 0:
        return
    return str(code.value, encoding="utf-8")

if __name__ == '__main__':
    code = get_totp()
    print('{}'.format(code))

boringauth's People

Contributors

Stargazers

Watchers

Forkers

cm58 evansmurithi kpcyrd iliana hellow554 cbarber donfanning shabbirhasan1 sigmadeltacom

boringauth's Issues

TOTP / HOTP does not match other implementations?

In testing this crate's TOTP implementation against Yubico Authenticator, I found that the (default, so 6-digit SHA-1) TOTP codes generated by Yubico Authenticator were not accepted by TOTP::is_valid(). I tested another implementation that I wrote many years ago in Python, whose codes did match Yubico Authenticator. I then came up with a Rust implementation that matches Yubico Authenticator and my older Python code:

fn totp_valid(secret: &[u8], code: &str, tolerance: u64) -> bool {
    assert!(tolerance < 7);
    let testing = u32::from_str(code).unwrap();
    let anchor = SystemTime::now()
        .duration_since(time::UNIX_EPOCH)
        .unwrap()
        .as_secs()
        / 30;
    let key = hmac::Key::new(hmac::HMAC_SHA1_FOR_LEGACY_USE_ONLY, secret);
    let mut tested = [false; 16];

    for i in (7u64 - tolerance)..(8 + tolerance) {
        let current = (anchor + i) - 8;
        let tag = hmac::sign(&key, &current.to_be_bytes()[..]);
        let offset = (tag.as_ref()[19] & 15) as usize;
        let p = u32::from_be_bytes(tag.as_ref()[offset..offset + 4].try_into().unwrap());
        tested[i as usize] = dbg!((p & 0x7fff_ffff) % 1_000_000) == testing;
    }

    tested.iter().fold(false, |acc, p| acc | p)
}

Document mistake on default hash algorithm of TOTP

All the document says the default hash algorithm of TOTP is SHA1, but apparently the code says it is SHA256.

Screenshot of the document

Screenshot of the code

Althrough sha256 may be more secured than sha1. Still most authenticator apps(Microsoft or Google) do not support it. I guess it's more suitable to set the default SHA1.

Can you bump ring?

Since commits are slow right now, how about a ring 0.15 and then afterwards a ring 0.16 release so that people using web frameworks which also depend on ring have a chance to use BoringAuth?

Would be cool. :)

Arbitrary upper limit to code length?

I was trying to generate larger TOTP values and noticed that output values are capped at 2^31 bits -- is there a reason for this? The HOTP paper recommends that an easy way to improve security is to just extract more characters from the HMAC hash.